Protecting Yourself from the Heartbleed Bug

Author

Released

4/15/2014

Protect yourself from Heartbleed—the web security flaw that can expose your passwords and other vulnerable data you have entered on websites, apps, email, and even chat. In this quick course, Justin Seeley explains what the Heartbleed bug is and what you should do to stay safe, and provides resources for following the latest Heartbleed developments.

Skill Level Beginner

6m 21s

Duration

7,376

Views

Show MoreShow Less

- [Voiceover] Hi there.My name is Justin Seeley,and in this movie,I'm going to be talking to you aboutthe recently discovered Heartbleed vulnerability,and what it means for you and your online security.Now if you're not familiar with Heartbleed,you might be wondering, what is this thing?In simple terms, Heartbleed is a security bug,or a problem that is affecting web serversfor lots of different websites,including big ones, like Facebook and Google.This bug can potentially expose sensitive informationthat you enter into these sites,and even apps in services like chat,and web-based email can be affected, as well.

In short, it's bad,and you need to be paying attention to it.Now that I've got your attention,you're probably wonderingwhat can you do to protect yourself.Well fortunately, your side of the equationis relatively simple.Over the next few weeks,be on the lookoutfor announcements from various apps or servicesthat you use regularly.While, any security notificationis probably important.Pay special attentionto the messages that reference Heartbleed, specifically,especially if they come from a financial institution,or an online retailer, where you storesensitive information,like credit cards or social security numbers.

Everybody is scrambling to fix this bugon their site right now,and once they send you a messagetelling you that they fixed it,you need to reset your passwords immediately.Also, if the app or serviceoffers 2-step verification for logins,you should seriously considerturning that on, in my opinion.Finally, be vigilant over the coming weeks,and months.Watch your online banking activity,and your email accounts.If something looks fishy,report it, or update your security settings right away.

Nobody is going to stand guard for youin this case,so you have to play it safe,and you have to be the watchman.There are already several websites reportingthat they've fixed the bugs on their end,and you should probably change your passwordson these services as soon as possible.Those services include Facebook.Now if you're not sure how to change your passwordon Facebook, that's okay.Just go up to the top right hand cornerof your Facebook profile,and then choose Settings.Once you get to the Settings section,you're going to go to the section labeled Password,enter in a new password,save the changes,and you're good to go.

You might also want to visitthe security tab in your preferences though,and turn on things like login approvals,code generator, or app passwords.These are all just different layers of securitythat you can add to your Facebook accountto make sure that all of your datais safe and secure.Instagram.You can login to Instagramdirectly from your web browserby going to instragram.com.Login using your credentials,and then click here in the top right corner.Choose Edit Profile, and then on the left hand side,click on change password.

Once you do that,you'll be able to enter in a new password,and then click the big green button,and you should be all ready to go.Twitter.On Twitter, you're going to login,and then click the gear iconin the top right hand corner of the website.Then you're going to choose Settings,and in the settings,you're going to choose Password,over on the left.Enter in your new password,and then click Save Changes.Google.Now this is a big one,because Google just doesn't include Google,it included Google+, YouTube,all of that stuff.

Gmail, everything's included with Google,so this one's really important.Just login to your Gmail account,then in the top right hand corner,click on the little Avatar,and then in the fly-out menu that comes out,choose Account.Once you get to the Account page,what you're going to do is go to the Security tab,and on the Security tab,you want to go down to the Password section,where you can change the password,and you can also set up 2-Step Verification,which is just another layer of added securityto your account that I highly recommendthat you turn on.

Finally, Dropbox.If you're anything like me,you store a lot of stuff in Dropbox.In order to change your password for Dropbox,you're going to login to Dropbox.com,click in the top right hand corner,go down to Settings,and then on the settings page,you want to go to the Security tab,and then change your password.Dropbox is also another companythat offers 2-step verification,so I highly recommend you turn that on, as well.At first, this 2-step verification thingis going to seem tedious,but after you realizethat it make you more safe and secure,it's going to be a no-brainer, I think.

For a more comprehensive list,check out the chartover on mashable.com,which offers a laundry list of sitesand details if you should be changing your passwordon all of those sites as well.I've bookmarked the URL for youat http://seeley.co/mashbleed.It's just a shortened URL that I created,making it easier for you to find it.There's also a really awesome infographicfloating around online,which was produced by LWG Consulting.You can view this graphic in its entirety,by going to Seeley.co./hbleedinfo.

Now might also be the timeto start thinking about usinga password management application.As security concerns continue to rise,protecting yourself with secure passwordsis never bad thing,and there are several apps out therethat will do that for you.My favorite is 1Password,not only does it help me rememberall of my passwords,but it also has a built-in password generator feature,which makes it easyto create complex, secure passwords,with very little effort.It's also available on Windows, Mac,Android, and iOS.

It's not free, but if you ask me,it's worth every penny they chargefor it, and then some.While Heartbleed isn't something to take lightly,it's not something to completely freak out about either.Just pay close attentionto all or your accounts,take the necessary precautions,and be sure to check with all of your service providers,to see what they're doing to protect you,and your information.The more information you have,the better you can protect yourself,and hopefully this videohas given you some insighton what to do regardingthis Heartbleed vulnerability.